Editor’s note: This post was updated on June 14, 2022, with the latest information and resources. Please refer to this blog post for relevant updates to Personally Identifiable Information (PII) data.
In the Winter ’22 release, we’ll roll out the ability to prevent external users, such as portal or partner users, from viewing personal information in your user records by enabling the Enhanced Personal Information Management permission. This permission replaces the less-configurable Hide Personal Information setting, which will be retired in the Winter ’23 release. So, to help you prepare, let’s dive into the Enhanced Personal Information Management permission.
To protect your external users’ data, Salesforce introduced security settings that let you control personal user information visibility. As an example, let’s say we have two external users, Astro and Codey. Astro can see and edit his own personal information, such as his address, email, and phone number. However, Astro can’t see Codey’s personal information. Similarly, Codey can edit his own personal information but not Astro’s.
Previously, you secured your external user’s personal information with Hide Personal Information, which protected 10 User fields. Hide Personal Information will be retired in Winter ’23 and is being replaced with Enhanced Personal Information Management.
With Enhanced Personal Information Management, you get a more secure framework that:
These settings are available in the User Management settings.
Enhanced Personal Information Management secures 20 fields by setting each field’s compliance category as “PersonalInfo”. As an admin, you choose which fields are considered personal information. From the Object Manager, on the User object, choose a field, such as “About Me.” Edit the field and choose whether the Compliance Categorization should be set as “PersonalInfo”. Please note, if you are enabling Enhanced Personal Information Management in Spring ‘22, or later, the admin experience has changed. Instead of using the Compliance Categorization, you now manage what fields are considered PII through a FieldSet. See changes in Spring ’22 at Enhanced management for protecting external user PII. The images on this Winter ’22 blog post are still accurate for customers who enabled Enhanced Personal Information Management in Winter ’22.
Once a field is set as “PersonalInfo”, it will be hidden from other external users. Since Enhanced Personal Information Management is more secure and configurable, don’t wait to get this enabled in your org!
Before enabling, we recommend you:
Agentforce is transforming the way businesses manage customer interactions by automating conversations across channels like chat, email, and phone. With AI-powered agents capable of resolving issues, answering questions, and executing actions on behalf of customers, organizations can significantly boost productivity by streamlining tasks that once required considerable time and resources, such as customer support and […]
As I’m sitting here in Boston, Massachusetts writing this Spring ’25 release blog, it’s about 30 degrees Fahrenheit outside. I wear ski pants out while walking Mochi, and we had snow on the ground. I am most definitely wishing it was spring right now, where I can look forward to warmer weather and the idea […]
In today’s digital landscape, ensuring the security of customer data is one of the top priorities for Salesforce Admins. With the increasing frequency of security breaches, the need for robust protection of sensitive information is more critical than ever. Exposing services to the public internet inherently opens up vulnerabilities that can lead to unauthorized access, […]
